Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/16 12:0 a.m.•28 views

JVN#37825153: AirDroid for Android vulnerable in handling of implicit intents

AirDroid for Android provided by SAND STUDIO contains a vulnerability in the handling of implicit intents. Impact Information in AirDroid may be leaked to a third party through a malicious Android application. Solution Update the Software Update to the latest version according to the information...

4.3CVSS6.2AI score0.00893EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/07 12:0 a.m.•28 views

JVN#38369032: Cybozu Garoon vulnerable to LDAP injection

Cybozu Garoon is a groupware. Cybozu Garoon contains an issue in processing authentication requests, which may result in an LDAP injection vulnerability. Impact A malicious user authorized to administer uesrs in certain groups may obtain information from the authentication server or may perform a...

7CVSS6.7AI score0.01241EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/30 12:0 a.m.•28 views

JVN#18232032: MATCHA INVOICE vulnerable to SQL injection

MATCHA INVOICE provided by ICZ Corporation is a web-based billing management software. MATCHA INVOICE contains multiple SQL injection CWE-89 vulnerabilities. Impact An authenticated attacker may obtain or alter information stored in the database. Solution Update the Software Update to the latest...

6.5CVSS6.9AI score0.01049EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/07/15 12:0 a.m.•28 views

JVN#19011483: Thetis vulnerable to SQL injection

Thetis provided by Sysphonic Co., Ltd. is an open source groupware and SNS. Thetis contains a SQL injection CWE-89 vulnerability. Impact An attacker may obtain or alter information stored in the database. Solution Apply an Update Apply the update according to the information provided by the...

7.5CVSS6.9AI score0.0261EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/05/20 12:0 a.m.•28 views

JVN#64459670: mt-phpincgi vulnerable to PHP object injection

mt-phpincgi is script that runs Movable Type templates as PHP. mt-phpincgi contains a PHP object Injection vulnerability. According to the reporter, attacks that attempt to exploit this vulnerability have been confirmed. Impact Arbitrary PHP code may be executed on the server by an unauthenticate...

7.5CVSS7AI score0.01749EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/04 12:0 a.m.•28 views

JVN#91016415: Maroyaka Relay Novel vulnerable to cross-site scripting

Maroyaka Relay Novel provided by Maroyaka CGI is a CGI script for posting text into a website. Maroyaka Relay Novel contains a persistent cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...

4.3CVSS6AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/12/09 12:0 a.m.•28 views

JVN#98097877: "Omake BBS" of i-HTTPD vulnerable to cross-site scripting

i-HTTPD is a web server for Windows. i-HTTPD contains "Omake BBS". "Omake BBS" contains a flaw in processing input character string, which may result in a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use...

4.3CVSS5.8AI score0.01773EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/17 12:0 a.m.•28 views

JVN#36205251: 365 Links series vulnerable to cross-site scripting

365 Links series provided by php365.com are link directory management tools. 365 Links series contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information...

4.3CVSS5.9AI score0.01161EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/04 12:0 a.m.•28 views

JVN#49672671: WisePoint vulnerable to session fixation

WisePoint provided by Falcon System Consulting, Inc. contains a session fixation vulnerability. Impact An attacker may impersonate a registered user. As a result, information may be disclosed or altered. Solution Update the Software Update to the latest version according to the information provid...

6.8CVSS6.2AI score0.01295EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/06/04 12:0 a.m.•28 views

JVN#78136804: CN8000 vulnerable to denial-of-service (DoS)

CN8000 provided by ATEN is a remote access unit used to connect a keyboard, mouse and monitor to two or more computers in a remote location. CN8000 contains a denial-of-service DoS vulnerability. Impact A remote attacker may be able to cause a denial-of-service DoS. Solution Update the Firmware...

7.8CVSS6.5AI score0.01799EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/04/11 12:0 a.m.•28 views

JVN#47386847: SD Card Manager vulnerable to directory traversal

SD Card Manager provided by apps4u@android contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has...

5.8CVSS6.9AI score0.01152EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/02/26 12:0 a.m.•28 views

JVN#71045461: Cybozu Garoon vulnerable to SQL injection

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in the process of downloading files, which may result in SQL injection. Impact A user who can log in to the system may obtain or alter information on the system. Solution For Cybozu Garoon 3.7: Apply the Patch...

6.5CVSS7.1AI score0.0104EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/02/26 12:0 a.m.•28 views

JVN#48810179: Denny's App for Android. contains an issue where it fails to verify SSL server certificates

Denny's App for Android. contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the...

5.8CVSS6.1AI score0.00587EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/02/21 12:0 a.m.•28 views

JVN#24730765: Blackboard Vista/CE vulnerable to cross-site scripting

Blackboard Vista/CE is a learning management system LMS. Blackboard Vista/CE contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the...

4.3CVSS5.8AI score0.01773EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/10 12:0 a.m.•28 views

JVN#85716574: NeoFiler vulnerable to directory traversal

NeoFiler provided by SkyArts.com contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has privileges to...

5.8CVSS6.6AI score0.01392EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/26 12:0 a.m.•28 views

JVN#69700259: HP Autonomy Ultraseek vulnerable to cross-site scripting

HP Autonomy Ultraseek provided by Hewlett-Packard Development Company, L.P. contains an issue in handling specific character encoding, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's Internet Explorer. Solution Update the Software Update the...

3.5CVSS6.1AI score0.01826EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/22 12:0 a.m.•28 views

JVN#97810280: KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates

KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by th...

5.8CVSS6.3AI score0.00582EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 12:0 a.m.•28 views

JVN#06870202: EC-CUBE information disclosure vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information disclosure vulnerability. Impact When the server receives a specially crafted request, the absolute path of the product on the server may be obtained. Solution Apply the update or...

5CVSS6.2AI score0.01504EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/05 12:0 a.m.•28 views

JVN#81813850: Tiki Wiki CMS Groupware vulnerable to cross-site scripting

Tiki Wiki CMS Groupware Tiki is a content management system CMS. Tiki contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of an user who is logged in. Solution Apply an Update Apply the appropriate update for the version of the software bei...

4.3CVSS6AI score0.01156EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/30 12:0 a.m.•28 views

JVN#70739377: Multiple products that use International Components for Unicode (ICU) vulnerable to denial-of-service (DoS)

International Components for Unicode ICU is a library for handling Unicode strings. A C version, ICU4C and a Java version ICU4J are available. Multiple products that use ICU4C contain a denial-of-service vulnerability due to a race condition. ICU released ICU4C version 50.1.1 that addresses this...

6.8CVSS6.1AI score0.01339EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/08/07 12:0 a.m.•28 views

JVN#44035194: docomo overseas usage application vulnerability in the connection process

docomo overseas usage application provided by NTT DOCOMO contains a vulnerability within the process of connecting to Wi-Fi access points, which may lead to user information being sent unintentionally. Impact When connecting to a Wi-Fi access point, an attacker may obtain user information. Soluti...

3.3CVSS6.2AI score0.00732EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/07/11 12:0 a.m.•28 views

JVN#68773685: AQUOS PhotoPlayer HN-PP150 vulnerable to denial-of-service (DoS)

AQUOS PhotoPlayer HN-PP150 contains an issue in the processing of packets, which may lead to a denial-of-service DoS. Impact Network functions may be disabled by a remote attacker. Solution Update the Firmware Update to the latest version of firmware according to the information provided by the...

5CVSS6.4AI score0.01904EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/13 12:0 a.m.•28 views

JVN#18501376: OpenPNE vulnerable to cross-site scripting

The management screen in OpenPNE contains an issue in the processing of data input into the "mobile version color scheme configuration" item, which may result in a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of a user who is logged on as an...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/26 12:0 a.m.•28 views

JVN#01313594: jigbrowser+ for Android vulnerable to address bar spoofing

jigbrowser+ for Android contains an issue when opening a new window, which may result in the address bar being spoofed. Impact This vulnerability could be leveraged to forge the contents of the address bar for conducting phishing attacks. Solution Update the software Update to the latest version...

5.8CVSS6.1AI score0.00946EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/29 12:0 a.m.•28 views

JVN#01167429: OpenWnn for Android vulnerable to information disclosure

OpenWnn provided by OMRON SOFTWARE Co., Ltd. is a Japanese Input Method Editor IME. OpenWnn for Android contains an issue in the access permissions for certain files. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may...

4.3CVSS6.2AI score0.01031EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/26 12:0 a.m.•28 views

JVN#16817324: Multiple JustSystems products vulnerable to arbitrary code execution

Multiple products provided by JustSystems Corporation contain a vulnerability that may allow arbitrary code execution. For more information, refer to the information provided by the developer. Impact Opening a file may cause arbitrary code to be executed with the privilege of the running...

9.3CVSS7AI score0.03815EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/14 3:52 a.m.•28 views

Welcart vulnerable to cross-site request forgery

Overview Welcart contains a cross-site request forgery vulnerability. Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site request forgery vulnerability. Yoshinori Matsumoto of Kobe Digital Lab., Inc. reported this vulnerability to IP...

6.8CVSS6.5AI score0.0107EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/02 12:0 a.m.•28 views

JVN#55398821: Pebble vulnerable to open redirect

Pebble is an open source weblog system. Pebble contains an open redirect vulnerability. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the software Update to the...

5.8CVSS6.3AI score0.01305EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/11/01 12:0 a.m.•28 views

JVN#98649286: CSWorks LiveData Service vulnerable to denial-of-service (DoS)

LiveData Service, a server component of CSWorks, contains an issue when processing TCP packets, which may lead to a denial-of-service DoS. Impact A remote attacker may be able to cause a denial-of-service DoS. Solution Update the software Update to the latest version according to the information...

5CVSS6.3AI score0.02351EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/28 12:0 a.m.•28 views

JVN#62336482: FFFTP may insecurely load executable files

FFFTP loads certain executables when using certain functions. FFFTP contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest...

9.3CVSS7AI score0.02343EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/13 12:0 a.m.•28 views

JVN#08307791: Plume vulnerable to cross-site scripting

Plume is a Content Management System CMS. Plume contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of a user that is logged in as administrator. Solution Update the Software Update to the latest version according to the information provide...

2.6CVSS5.8AI score0.00936EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/11 12:0 a.m.•28 views

JVN#36684331: WEB FORUM vulnerable to cross-site scripting

WEB FORUM provided by KENT-WEB is a bulletin board software. WEB FORUM contains a vulnerability in processing the web page to be output, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the lates...

4.3CVSS5.8AI score0.01029EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/16 12:0 a.m.•28 views

JVN#87239473: Ichitaro series vulnerable to arbitrary code execution

The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. Impact When opening a specially crafted file locally or through a website, an attacker may be able to execute arbitrary code. Solution Update the Software...

9.3CVSS7AI score0.05564EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/26 12:0 a.m.•28 views

JVN#36765384: Google Chrome information disclosure vulnerability

Google Chrome contains an information disclosure vulnerability caused by the improper handling of XML files. Impact When viewing a specially crafted web page, information may be disclosed. Solution Update the Software Update to the latest version according to the information provided by the...

6.5CVSS6.1AI score0.00761EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/22 12:0 a.m.•28 views

JVN#07497935: Multiple Yokka provided products may insecurely load executable files

Multiple products provided by Yokka such as text editors, contain an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update the Software Update to the latest version...

6.9CVSS7.3AI score0.00279EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/08/25 12:0 a.m.•28 views

JVN#12683004: SEIL/X Series and SEIL/B1 IPv6 Unicast RPF vulnerability

SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contains a vulnerability in which IPv6 Unicast Reverse Path Forwarding RPF does not properly function in strict mode. Impact Packets that should be discarded, such as when an IP address is spoofed, may be transferred without being...

5.8CVSS6.4AI score0.01864EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/08/20 12:0 a.m.•28 views

JVN#54336184: Winny BBS information processing vulnerability

Winny is a P2P file sharing software. Winny contains a vulnerability in the processing of BBS information, which can be used to launch Distributed Denial of Service DDoS attacks. Impact A user may take part in a DDoS attack by a remote attacker. Solution Do not use Winny Please discontinue use of...

10CVSS6.5AI score0.01446EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/04/01 12:0 a.m.•28 views

JVN#57963254 Compiere vulnerable to cross-site scripting

Compiere provided by Almas Inc. is an Enterprise Resource Planning ERP and Customer Relationship Management CRM software. Compiere contains a cross-site scripting vulnerability. This vulnerability is different from JVN38687002. Impact When a user is logged into Compiere, an arbitrary script may b...

4.3CVSS5.8AI score0.01528EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/12/25 12:0 a.m.•28 views

JVN#98063934 BlackJumboDog authentication bypass vulnerability

BlackJumboDog from SapporoWorks is a software that provides server functions for an intranet. BlackJumboDog contains an authentication bypass vulnerability Impact A remote attacker can bypass authentication of BlackJumboDog. As a result, the attacker gains access to the server and information may...

5CVSS6.6AI score0.01474EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/12/25 12:0 a.m.•28 views

JVN#17298485 Mayaa cross-site scripting vulnerability

Mayaa from Seasar Project is an open source Java template engine. The default error page that Mayaa displays contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Apply the latest update provided by the...

4.3CVSS6AI score0.01263EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/09/17 12:0 a.m.•28 views

JVN#94163107 Kantan WEB Server cross-site scripting vulnerability

Kantan WEB Server is a web server for Windows provided by Arihiro Kurata. Kantan WEB Server contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest update provided by the developer. Products...

4.3CVSS6.1AI score0.01223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/08/21 12:0 a.m.•28 views

JVN#52557009 La!cooda WIZ and LacoodaST vulnerable to cross-site scripting

La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the web browser of the user who...

4.3CVSS6AI score0.01528EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/06/04 12:0 a.m.•28 views

JVN#25448394 Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history

Sleipnir and Grani, web browsers from Fenrir & Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted string is used in a search, an arbitrary script may be executed on the user's web browser when the...

4.3CVSS6.5AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/03/21 12:0 a.m.•28 views

JVN#00892830 Namazu cross-site scripting vulnerability

Namazu, Japanese full-text search engine does not specify charset in the ContentType header that could allow a remote attacker to execute an arbitrary script on the user's web browser. Impact An arbitrary script could be executed on the user's web browser. Solution Update the Software Update to t...

7.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/03/05 12:0 a.m.•28 views

JVN#10056705 FTP bounce vulnerability in multiple Canon digital multifunction copiers and laser beam printers

The Canon Color imageRUNNER Series, imageRUNNER Series, imagePRESS Series, and laser beam printer series are digital multifunction copiers and printers. Some of these products contain a vulnerability that could allow a remote attacker to access other network devices via a built-in FTP server...

6.4CVSS6.3AI score0.02051EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2007/06/07 12:0 a.m.•28 views

JVN#23891849 ADPLAN cross-site scripting vulnerability

ADPLAN Version 3, web access measurement software provided by Opt, Inc., contains a cross-site scripting vulnerability in the SEO search engine optimization module. A website that employs ADPLAN Version 3 service generates a web page using the HTTP header information sent from a client web browse...

6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2007/02/10 12:0 a.m.•28 views

JVN#77366274 CCC Cleaner buffer overflow vulnerability

Impact Arbitrary code could be executed when CCC Cleaner scans UPX-packed files. Solution Products Affected CCC Cleaner CCC pattern Ver:185 CCC Cleaner is affected by this vulnerability only when the following file is contained in the "CCC Cleaner" folder. Filenames: lpt$vpn.185 As of February 13...

9.3CVSS6.4AI score0.083EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2005/10/21 12:0 a.m.•28 views

JVN#59130192 eBASEweb SQL injection vulnerability

Impact A remote attacker could alter database content or steal data. Solution Update the Software Apply the latest updates provided by the vendor. Products Affected eBASEweb version 3.0...

7.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/08/05 12:0 a.m.•27 views

JVN#50850706: Pimax Play and PiTool accept WebSocket connections from unintended endpoints

Pimax Play and PiTool provided by Pimax accept WebSocket connections from unintended endpointsCWE-923. Impact Arbitrary code may be executed by a remote unauthenticated attacker. Solution Update the Software For Pimax Play, update the software to the latest version according to the information...

9.8CVSS9.5AI score0.0064EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/05/10 12:0 a.m.•27 views

JVN#83405304: "OfferBox" App uses a hard-coded secret key

"OfferBox" App provided by i-plug inc. uses a hard-coded secret key for JWT CWE-321. Impact The hard-coded secret key for JWT may be retrieved if the application binary is reverse-engineered. Solution The hard-coded secret key has been revoked by the developer on May 8, 2024 therefore this...

7.5CVSS7.2AI score0.00365EPSS
Exploits0
Total number of security vulnerabilities5000